Cookies & Privacy Policy

You can obtain information about our company and the services we offer in particular at www.rivadaspace.com together with the associated sub-pages (hereinafter jointly referred to as "websites" or “website”). When you visit our websites, your personal data may be processed.

1.     General information

This data privacy statement, which refers exclusively to use of our websites, is to inform you about how your personal data that is collected as part of the use of the website is handled at our end.

 

2.     The controller

The controller under data protection law is:

Rivada Space Networks GmbH, Widenmayerstraße 32, 80538 Munich, Germany (email: careers@rivadaspace.com)
Commercial register entry number: HRB 272408
Registration Court: Munich District Court

Data Protection Officer: You can contact our Data Protection Officer at deiters@bho-consulting.com or our postal address with the addition "Datenschutzbeauftragter" or “Data Protection Officer”. You can contact our data protection officer directly at any time if you have any questions or suggestions regarding data protection.

For further information on our company, please refer to the imprint details on https://rivadaspace.com/imprint.

3.     Personal data collected as part of the use of our websites

Personal data means any information concerning the personal or material circumstances of an identified or identifiable individual. This includes information such as, for example, your name, address, telephone number and date of birth etc. However, information which cannot be (in)directly associated with your real-life identity is not personal data. When you visit our websites, a so-called log data record (so-called server log files) – which qualify as personal data in terms of the GDPR – is stored temporarily and anonymously on our web server for statistical reasons and for protecting our websites against attacks. The log files consists of:

o   the page from which the page was requested (so-called referrer URL);

o   the name and URL of the requested page;

o   the date and time of the requested;

o   the description of the type, language and version of the web browser used.

o   the IP address of the requesting computer, which is shortened in such a way that a personal reference can no longer be established.

o   the amount of data transferred

o   the operating system

o   the message whether the call was successful (access status/http status code).

o   the GMT time zone difference

 

4.     Purpose and legal basis of data processing

The processing of the log files serves statistical purposes and the improvement of the quality of our website, in particular the stability and security of the connection (legal basis is Art. 6 para. 1 p. 1 lit. f DS-GVO). If the processing of data requires the storage of information on your device or access to information already stored in the device, Section 25 (1), (2) TTDSG is the legal basis for this.

 

5.     Duration of data processing and retention periods

Your personal data will only be processed for as long as is necessary to achieve the above-mentioned processing purposes; the legal bases specified in the context of the processing purposes apply accordingly. With regard to the use and storage duration of cookies, please read our Cookie Policy under [link to Cookie Policy].

Third parties engaged by us will store your data on their systems for as long as is necessary in connection with the provision of services for us in accordance with the respective order.

 

6.     Cooperation with processors

As with any digital company, we also use external domestic and foreign service providers (e.g. for IT, logistics, telecommunications, sales and marketing) to process our business transactions. These service providers only act on our instructions and are contractually obligated to comply with the data protection provisions pursuant to Art. 28 GDPR. The websites are hosted by Squarespace Ireland Ltd., Le Pole House, Ship Street Great, Dublin 8, Ireland, under a controller-processor agreement in terms of Art. 28 GDPR.

 

7.     Conditions for the transfer of personal data to third countries

Your personal data may be transferred or disclosed to third party companies as sub-processors of Squarespace Ireland Ltd. located outside the European Economic Area (EEA), i.e. in third countries. Such processing takes place exclusively for the fulfilment of contractual and business obligations and in strict compliance with Art. 44 et seq. GDPR.

Some third countries are certified by the European Commission as having a level of data protection comparable to the EEA standard through so-called adequacy decisions (a list of these countries and a copy of the adequacy decisions can be obtained here: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en). However, in other third countries to which personal data may be transferred, there may not be a consistently high level of data protection due to a lack of legal provisions. If this is the case, we ensure that data protection is adequately guaranteed. This is possible via binding company regulations, standard contractual clauses of the European Commission for the protection of personal data pursuant to Art. 46 para. 1, 2 lit. c GDPR (the standard contractual clauses of 2021 are available at https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32021D0915&locale-en), certificates or recognized codes of conduct.

Namely, the websites will be stored on servers of Squarespace Inc. under (a) the processor to processor (module 3) standard contractual clauses for the transfer of personal data to third countries pursuant to the GDPR and approved by the European Commission decision 2021/914, dated 4 June 2021; or (b) such other standard contractual clauses for the transfer of personal data to third countries that are recognised under the applicable EU Data Protection Law in the EEA, UK or Switzerland. In order to facilitate an efficient and coordinated service, all communication with Squarespace and any sub-processor (including Squarespace Inc.) in connection with such standard contractual clauses will, to the extent possible, be coordinated and directed through Squarespace Ireland Limited as the contractor of RSN.

 

8.     Data security

We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties (e.g. TSL encryption for our website), taking into account the state of the art, implementation costs and the nature, scope, context and purpose of the processing, as well as the existing risks of a data breach (including its probability and impact) for the data subject. Our security measures are continuously improved in line with technological developments.

 

9.     No automated decision making (including profiling)

We do not intend to use any personal data collected from you for any automated decision making process (including profiling).

 

10. Legal obligation to transmit certain data

We may be subject to a specific legal or statutory obligation to provide the lawfully processed personal data to third parties, in particular public bodies (Art. 6 para. 1 p. 1 lit. c GDPR).

 

11. Rights of data subjects

If we as the controller process personal data, you as the data subject have certain rights under Chapter III of the EU General Data Protection Regulation (GDPR), depending on the legal basis and the purpose of the processing, in particular the right of access (article 15 of the GDPR) and the rights to rectification (article 16 of the GDPR), erasure (article 17 of the GDPR), restriction of processing (article 18 of the GDPR), and data portability (article 20 of the GDPR), as well as the right to object (article 21 of the GDPR). If the personal data is processed with your consent, you have the right to withdraw this consent under article 7 III of the GDPR.

To assert your rights as a data subject in relation to the data processed, please refer to our Data Protection Officer (see item 2).

 

12. Concluding provisions

We reserve the right to adjust this data privacy statement at any point in time to ensure that it is in line with the current legal requirements at all times, or in order to accommodate changes in the application process or other processes. In this case, the new data privacy statement applies to any later visit of this recruitment website or any later job application.